Latest Event Updates

Airlines Urged by U.S. to Give Notice to China

WASHINGTON — Just hours after China scrambled fighter jets to enforce its newly declared air defense zone, the Obama administration decided on Friday to advise American commercial airlines to comply with China’s demands to be notified in advance of flights through the area.

While the United States continued to defy China by sending military planes into the zone unannounced, administration officials said they had made the decision to urge civilian planes to adhere to Beijing’s new rules because they worried about an unintended confrontation.

Although the officials made clear that the administration rejects China’s unilateral declaration of control of the airspace over a large area of the East China Sea, the guidance to the civilian airlines could be interpreted in the region as a concession in the battle of wills with China.

“The U.S. government generally expects that U.S. carriers operating internationally will operate consistent with” notice requirements “issued by foreign countries,” the State Department said in a statement, adding that that “does not indicate U.S. government acceptance of China’s requirements.”

The decision contrasted with that of Japan’s government earlier this week, when it asked several Japanese airlines, which were voluntarily following China’s rules, to stop, apparently out of fear that complying with the rules would add legitimacy to Chinese claims to islands that sit below the now contested airspace. China’s newly declared air defense zone, experts say, is designed mainly to whittle away at Japan’s hold on the islands, which it has long administered.

On Saturday, a Japanese Foreign Ministry official said, “We will not comment on what other countries are doing with regard to filing flight plans.” It was not immediately clear if the Obama administration had notified Japan, a close ally, of its decision.

The American decision drew criticism from some quarters. Stephen Yates, a former Asia adviser to Dick Cheney when he was vice president, said it was “a bad move” that would undercut allies in the region that take a different stance. “We should be guided by their preferred approach,” Mr. Yates said.

But Strobe Talbott, a former deputy secretary of state under Bill Clinton and now president of the Brookings Institution, said it was important to avoid an accident while drawing a firm line. “The principal option is to be extremely clear that disputes” over territory “must be resolved through diplomacy and not unilateral action,” he said.

The American announcement came on the same day Chinese state news media said that China sent jets aloft and that they identified two American surveillance planes and 10 Japanese aircraft in the air defense zone the country declared last weekend. Although there was no indication that China’s air force showed any hostile intent, the move raised tensions.

Earlier in the week, the United States sent unarmed B-52s into the area, and they proceeded unimpeded. China then appeared to back down somewhat from its initial declaration that planes must file advance flight plans or face possible military action.

The administration’s decision on Friday underscored the delicate position President Obama finds himself in, drawn into a geopolitical dispute that will test how far he is willing to go to contain China’s rising regional ambitions.

China’s move thrust the United States into the middle of the already prickly territorial clash between Beijing and Tokyo, a position the administration had avoided for months even while reiterating that it was treaty-bound to defend Japan if it were ever attacked. After the Chinese declaration last weekend, American officials feared that, if left unchallenged, the Chinese action would lead to ever greater claims elsewhere in the Pacific region.

But with planes flying so fast and in such proximity, the administration’s worries grew that an accident or an unintended confrontation could spiral out of control. A midair collision between a Chinese fighter jet and an American spy plane off the coast of China in 2001 killed the fighter pilot and forced the spy plane to make an emergency landing on Hainan island, setting off a diplomatic episode until Beijing released the American crew and sent the plane back, broken into parts.

“Crowded air lanes increase the chances for an unwanted incident,” said Jon M. Huntsman Jr., Mr. Obama’s first ambassador to China. “The challenge here, as with April 2001, is when you have an unexpected crisis, things escalate very, very quickly without any plans for de-escalation. That’s one of the big challenges we have in the U.S.-China relationship.”

One of the biggest challenges for Mr. Obama will be navigating the complicated personalities of leaders in Tokyo and Beijing. Prime Minister Shinzo Abe of Japan, a strong nationalist, has vowed to stand firm against any Chinese encroachments, while President Xi Jinping of China has recently taken over as leader and has promised to advance a strong foreign policy meant to win his country more recognition as an international power.

The two countries have been at odds for years over the uninhabited islands known as Diaoyu by the Chinese and Senkaku by the Japanese. The United States does not take a position on the dispute, but it has said that an attack over the islands would be covered by its mutual defense treaty with Japan.

Although administration officials believe Chinese actions are mainly meant to give it an advantage in its struggle with Japan over the islands, experts on Asia say they also fit China’s larger goal of establishing itself as the dominant power in the region, displacing the United States.

Administration officials said they decided to proceed with routine military training and surveillance flights so as not to legitimize China’s assertion of control over the airspace or encourage it to establish a similar air zone over the South China Sea, where it has territorial disputes with Vietnam, Brunei, Taiwan and the Philippines. China had said it expected to set up other air defense zones, and experts said they expected one to cover that sea.

“We don’t want this to be the first in what would be a series of assertive moves,” said an administration official, who insisted on anonymity to discuss a delicate diplomatic matter. “The whole area’s fraught.”

Mr. Obama is sending Vice President Joseph R. Biden Jr. to the region next week, when he will meet with both Mr. Xi and Mr. Abe as well as South Korea’s leader. Although the trip was previously scheduled, it will put Mr. Biden in the center of the dispute at a difficult moment, and aides said he would deliver a message of caution to both sides to avoid escalation.

Many countries, including the United States and Japan, have air defense zones, but the coordinates of the Chinese zone overlap those of Japan, South Korea and Taiwan.

Peter Dutton, the director of the China Maritime Studies Institute at the United States Naval War College in Newport, R.I., said the new air zone also gives China a legal structure to intercept American surveillance flights in international airspace, which have long irritated Beijing.

“It is clear that the Chinese do not seek regional stability on any level,” Mr. Dutton said. “They intend to be disruptive in order to remake the Asian regional system in accordance with their preferences.”

The Chinese sent jets on patrol into the contested airspace on Thursday, but the flights on Friday appeared to be different, with the state news media indicating the jets were scrambled specifically to respond to foreign jets in the area.

Focus magazine said an analysis by German security services showed Merkel’s calls were listened into by even more people than initially thought.

It said analysis by German security services showed the four countries, and not just the US, were eavesdropping.

The British Embassy in Berlin declined to comment on the allegations.

Relations between Germany and the US have turned chilly since it was alleged that its National Security Agency (NSA) has been tapping Merkel’s phone, possibly from a listening station on top of the US embassy which is just a few hundred metres away from the Chancellor’s office in the centre of Berlin.

Focus, meanwhile, also reported that as well as targeting Merkel’s phone, Russian spies were particularly active in Germany with 120 agents operating in the country.

US officials arrived in Berlin on Monday to meet the German foreign minister over the NSA spying scandal.

One of the officials said the United States was taking German outcry over revelations of American spying on Europeans seriously, ahead of his visit to soothe frazzled ties.

Congressman Gregory Meeks told Handelsblatt newspaper that US-German relations were “of enormous importance” and must be stronger and closer still.

“We want the Germans to know that we don’t take their anger lightly,” Meeks said in comments reported in German and made before his trip together with Senator Chris Murphy, who chairs the Foreign Relations Subcommittee on European Affairs.

They were scheduled to meet the German foreign and interior ministers on Monday before heading to Brussels on Tuesday.

Germans have reacted angrily to revelations that emails, phone calls, web searches and other data may have been hoovered up by US intelligence agents, as part of widespread espionage that has also strained Washington’s ties with other partners.

After meeting the US delegation Monday, Thomas Oppermann, the Social Democrats’ parliamentary group leader and chairman of the secret service oversight committee, said the US espionage affair was “not over”.

“We expect further light to be shed,” he said, adding there had been agreement between the parties “that the completely out-of-hand practice of bugging by the NSA must finally have limits”.

Merkel called in parliament last week for answers over “grave” US spying accusations which, she said, were testing transatlantic ties, including fledgling US-EU trade talks.

“We understand the German fears,” Meeks said, adding that US President Barack Obama was also “very concerned”.

“For this reason he’s having checked which secret service methods are reasonable and which are not,” he added.

The internet mystery that has the world baffled

For the past two years, a mysterious online organisation has been setting the world’s finest code-breakers a series of seemingly unsolveable problems. But to what end? Welcome to the world of Cicada 3301

One evening in January last year, Joel Eriksson, a 34-year-old computer analyst from Uppsala in Sweden, was trawling the web, looking for distraction, when he came across a message on an internet forum. The message was in stark white type, against a black background.

“Hello,” it said. “We are looking for highly intelligent individuals. To find them, we have devised a test. There is a message hidden in this image. Find it, and it will lead you on the road to finding us. We look forward to meeting the few that will make it all the way through. Good luck.”

The message was signed: “3301”.

A self-confessed IT security “freak” and a skilled cryptographer, Eriksson’s interest was immediately piqued. This was – he knew – an example of digital steganography: the concealment of secret information within a digital file. Most often seen in conjunction with image files, a recipient who can work out the code – for example, to alter the colour of every 100th pixel – can retrieve an entirely different image from the randomised background “noise”.

It’s a technique more commonly associated with nefarious ends, such as concealing child pornography. In 2002 it was suggested that al-Qaeda operatives had planned the September 11 attacks via the auction site eBay, by encrypting messages inside digital photographs.

Sleepily – it was late, and he had work in the morning – Eriksson thought he’d try his luck decoding the message from “3301”. After only a few minutes work he’d got somewhere: a reference to “Tiberius Claudius Caesar” and a line of meaningless letters. Joel deduced it might be an embedded “Caesar cipher” – an encryption technique named after Julius Caesar, who used it in private correspondence. It replaces characters by a letter a certain number of positions down the alphabet. As Claudius was the fourth emperor, it suggested “four” might be important – and lo, within minutes, Eriksson found another web address buried in the image’s code.

Feeling satisfied, he clicked the link.

It was a picture of a duck with the message: “Woops! Just decoys this way. Looks like you can’t guess how to get the message out.”

“If something is too easy or too routine, I quickly lose interest,” says Eriksson. “But it seemed like the challenge was a bit harder than a Caesar cipher after all. I was hooked.”

Eriksson didn’t realise it then, but he was embarking on one of the internet’s most enduring puzzles; a scavenger hunt that has led thousands of competitors across the web, down telephone lines, out to several physical locations around the globe, and into unchartered areas of the “darknet”. So far, the hunt has required a knowledge of number theory, philosophy and classical music. An interest in both cyberpunk literature and the Victorian occult has also come in handy as has an understanding of Mayan numerology.

It has also featured a poem, a tuneless guitar ditty, a femme fatale called “Wind” who may, or may not, exist in real life, and a clue on a lamp post in Hawaii. Only one thing is certain: as it stands, no one is entirely sure what the challenge – known as Cicada 3301 – is all about or who is behind it. Depending on who you listen to, it’s either a mysterious secret society, a statement by a new political think tank, or an arcane recruitment drive by some quasi-military body. Which means, of course, everyone thinks it’s the CIA.

For some, it’s just a fun game, like a more complicated Sudoku; for others, it has become an obsession. Almost two years on, Eriksson is still trying to work out what it means for him. “It is, ultimately, a battle of the brains,” he says. “And I have always had a hard time resisting a challenge.”

On the night of January 5 2012, after reading the “decoy” message from the duck, Eriksson began to tinker with other variables.

Taking the duck’s mockery as a literal clue, Eriksson decided to run it through a decryption program called OutGuess. Success: another hidden message, this time linking to another messageboard on the massively popular news forum Reddit. Here, encrypted lines from a book were being posted every few hours. But there were also strange symbols comprising of several lines and dots – Mayan numbers, Eriksson realised. And duly translated, they led to another cipher.

Up until now, Eriksson would admit, none of the puzzles had really required any advanced skills, or suggested anything other than a single anonymous riddle-poser having some fun. “But then it all changed,” says Eriksson. “And things started getting interesting.”

Suddenly, the encryption techniques jumped up a gear. And the puzzles themselves mutated in several different directions: hexadecimal characters, reverse-engineering, prime numbers. Pictures of the cicada insect – reminiscent of the moth imagery in Thomas Harris’s The Silence of the Lambs – became a common motif.

“I knew cicadas only emerge every prime number of years – 13, or 17 – to avoid synchronising with the life cycles of their predators,” says Eriksson. “It was all starting to fit together.” The references became more arcane too. The book, for example, turned out to be “The Lady of the Fountain”, a poem about King Arthur taken fromThe Mabinogion, a collection of pre-Christian medieval Welsh manuscripts.

Later, the puzzle would lead him to the cyberpunk writer William Gibson – specifically his 1992 poem “Agrippa” (a book of the dead), infamous for the fact that it was only published on a 3.5in floppy disk, and was programmed to erase itself after being read once. But as word spread across the web, thousands of amateur codebreakers joined the hunt for clues. Armies of users of4chan, the anarchic internet forum where the first Cicada message is thought to have appeared, pooled their collective intelligence – and endless free time – to crack the puzzles.

Within hours they’d decoded “The Lady of the Fountain”. The new message, however, was another surprise: “Call us,” it read, “at telephone number 214-390-9608”. By this point, only a few days after the original image was posted, Eriksson had taken time off work to join the pursuit full time.

“This was definitely an unexpected turn,” he recalls. “And the first hint that this might not just be the work of a random internet troll.” Although now disconnected, the phone line was based in Texas, and led to an answering machine. There, a robotic voice told them to find the prime numbers in the original image. By multiplying them together, the solvers found a new prime and a new website: 845145127.com. A countdown clock and a huge picture of a cicada confirmed they were on the right path.

“It was thrilling, breathtaking by now,” says Eriksson. “This shared feeling of discovery was immense. But the plot was about to thicken even more.” Once the countdown reached zero, at 5pm GMT on January 9, it showed 14 GPS coordinates around the world: locations in Warsaw, Paris, Seattle, Seoul, Arizona, California, New Orleans, Miami, Hawaii and Sydney. Sat in Sweden, Eriksson waited as, around the globe, amateur solvers left their apartments to investigate. And, one by one reported what they’d found: a poster, attached to a lamp post, bearing the cicada image and a QR code (the black-and-white bar code often seen on adverts these days and designed to take you to a website via your smartphone).

“It was exhilarating,” said Eriksson. “I was suddenly aware of how much effort they must have been putting into creating this kind of challenge.” For the growing Cicada community, it was explosive – proof this wasn’t merely some clever neckbeard in a basement winding people up, but actually a global organisation of talented people. But who?

Speculation had been rife since the image first appeared. Some thought Cicada might merely be a PR stunt; a particularly labyrinthine Alternate Reality Game (ARG) built by a corporation to ultimately – and disappointingly – promote a new movie or car.

Microsoft, for example, had enjoyed huge success with their critically acclaimed “I Love Bees” ARG campaign. Designed to promote the Xbox game Halo 2 in 2004, it used random payphones worldwide to broadcast a War of the Worlds-style radio drama that players would have to solve.

But there were complicating factors to Cicada. For one, the organisers were actively working against the participants. One “solver”, a female known only as Wind from Michigan, contributed to the quest on several messageboards before the community spotted she was deliberately disseminating false clues. Other interference was more pointed. One long, cautionary diatribe, left anonymously on the website Pastebin, claimed to be from an ex-Cicada member – a non-English military officer recruited to the organisation “by a superior”. Cicada, he said, “was a Left-Hand Path religion disguised as a progressive scientific organisation” – comprising of “military officers, diplomats, and academics who were dissatisfied with the direction of the world”. Their plan, the writer claimed, was to transform humanity into the Nietzschen Übermensch.

“This is a dangerous organisation,” he concluded, “their ways are nefarious.” With no other clues, it was also asssumed by many to be a recruitment drive by the CIA, MI6 or America’s National Security Agency (NSA), as part of a search for highly talented cryptologists. It wouldn’t have been the first time such tactics had been used.

Back in 2010, for example, Air Force Cyber Command – the United States’ hacking defence force, based at Fort Meade in Maryland – secretly embedded a complex hexadecimal code in their new logo. Cybercom head Lt Gen Keith Alexander then challenged the world’s amateur analysts to crack it (it took them three hours). And in September this year, GCHQ launched the “Can You Find It?” initiative – a series of cryptic codes designed to root out the best British cryptographers. As GCHQ’s head of resourcing Jane Jones said at the time, “It’s a puzzle but it’s also a serious test – the jobs on offer here are vital to protecting national security.”

GCHQ’s ‘Can You Find It?’ puzzle

Dr Jim Gillogly, former president of the American Cryptogram Association, has been cracking similar codes for years and says it’s a tried and tested recruitment tactic.

“During the Second World War, the top-secret Government Code and Cypher School used crossword puzzles printed in The Daily Telegraph to identify good candidates for Bletchley Park,” he says. “But I’m not sure the CIA or NSA is behind Cicada. Both are careful with security, the recent Snowden case notwithstanding. And starting the puzzle on [the anarchic internet forum] 4chan might attract people with less respect for authority than they would want working inside.”

But that doesn’t rule out other organisations. “Computer and data security is more important than ever today,” says Dr Gillogly. The proliferation of wireless devices, mobile telephones, e-commerce websites like Amazon and chip-and-pin machines, means the demand for cryptologists has never been higher. (Something the UK government acknowledged last year when it announced it was setting up11 academic “centres of excellence” in cyber security research.)

“One of the more important components of security systems is the efficacy of the cryptography being used,” says Dr Gillogly. “Which means cryptanalysts are in higher demand than ever before – no longer just with the intelligence services. It could just as easily be a bank or software company [behind Cicada].”

Eriksson himself agrees. As a regular speaker at Black Hat Briefings – the secretive computer security conferences where government agencies and corporations get advice from hackers – he knows certain organisations occasionally go “fishing” for new recruits like this. But to him the signs point to a recruitment drive by a hacker group like Anonymous.

“I can’t help but notice,” he says, “that the locations in question are all places with some of the most talented hackers and IT security researchers in the world.” Either way, their identity would prove irrelevant. When the QR codes left on the lamp posts were decoded, a hidden message pointed the solvers towards a TOR address. TOR, short for The Onion Router, is an obscure routing network that allows anonymous access to the “darknet” – the vast, murky portion of the internet that cannot be indexed by standard search engines.Estimated to be 5,000 times larger that the “surface” web, it’s in these recesses where you’ll find human-trafficking rings, black market drug markets and terrorist networks. And it’s here where the Cicada path ended.

After a designated number of solvers visited the address, the website shut down with a terse message: “We want the best, not the followers.” The chosen few received personal emails – detailing what, none have said, although one solver heard they were now being asked to solve puzzles in private. Eriksson, however, was not among them. “It was my biggest anticlimax – when I was too late to register my email at the TOR hidden service,” he says. “If my sleep-wake cycle had been different, I believe I would have been among the first.” Regardless, a few weeks later, a new message from Cicada was posted on Reddit. It read: “Hello. We have now found the individuals we sought. Thus our month-long journey ends. For now.” All too abruptly for thousands of intrigued solvers, it had gone quiet.

Except no. On January 4 this year, something new. A fresh image, with a new message in the same white text: “Hello again. Our search for intelligent individuals now continues.” Analysis of the image would reveal another poem – this time from the bookLiber Al Vel Legis, a religious doctrine by the English occultist and magician Aleister Crowley. From there, the solvers downloaded a 130Mb file containing thousands of prime numbers. And also an MP3 file: a song called The Instar Emergence by the artist 3301, which begins with the sound of – guess what – cicadas.

Analysis of that has since led to a Twitter account pumping out random numbers, which in turn produced a “gematria”: an ancient Hebrew code table, but this time based on Anglo-Saxon runes. This pointed the solvers back into the darknet, where they found seven new physical locations, from Dallas to Moscow to Okinawa, and more clues. But that’s where, once again, the trail has gone cold. Another select group of “first solvers” have been accepted into a new “private” puzzle – this time, say reports, a kind of Myers-Briggs multiple-choice personality test.

But still, we are no closer to knowing the source, or fundamental purpose, of Cicada 3301. “That’s the beauty of it though,” says Eriksson. “It is impossible to know for sure until you have solved it all.” That is why for him, and thousands of other hooked enthusiasts, January 4 2014 is so important: that’s when the next set of riddles is due to begin again. “Maybe all will be revealed then,” he grins. “But somehow, I doubt it.”

The nation’s second most powerful court is poised to decide whether Internet service will go the way of cable TV, resulting in a system in which users may have to pay extra to receive content from online services such as Netflix, iTunes or YouTube.

Verizon filed its lawsuit in the U.S. Court of Appeals for the District of Columbia Circuit, which handles most cases involving federal agencies and, as a result, has the most influence of any appellate court below the U.S. Supreme Court. Oral arguments in the case were heard in September of this year, and the D.C. Circuit court is expected to hand down its decision in the next few months.

The lawsuit hinges on the thorny question of just how much oversight, if any, the FCC has overbroadband networks and ISPs. However, the core issue at hand centers on the question of net neutrality — whether the Internet should be the same for all users, or whether ISPs should have full control over what users can see or do online.

If the court sides with Verizon, how users access the Internet, and what they do online, will be irrevocably affected.

“Anyone who connects to the Internet, in one way or another, will be impacted” by the decision, security analyst McCall Paxton of Indianapolis-based Rook Consulting told Tom’s Guide.

What is net neutrality?

The tricky thing about net neutrality, Paxton said, is that it’s not an engineering term, but rather a political term that means different things to different people, making it difficult to define consistently.

In simplest terms, net neutrality is about treating everyone on the Internet equally, so that users can access all online content and services from any device and any application without any restrictions or limitations from their fixed-line ISPs.

This isn’t a new concept — this is currently the way the Internet works. The FCC’s 2010 order simply added rules emphasizing that landline ISPs have to continue providing users with neutral networks. (Mobile data providers have a looser set of rules.)

The rules state, for example, that ISPs cannot block traffic to video-chatting applications in favor of other applications, restrict bandwidth when users access torrent or other peer-to-peer sites or charge extra for streaming content such as Hulu or Pandora.

The appeals court could go many ways with its decision in Verizon v. FCC. The court might choose to strike down some, or all, of the net neutrality rules on the grounds that the FCC lacks authority to impose such rules.

It might also cite legal precedent that suggests the FCC already has the authority, but just hasn’t explicitly claimed it, which would reject Verizon’s argument. It’s also likely that a decision that favors one side over the other will be appealed to the U.S. Supreme Court.

Regardless of the court decision, said Josh Levy, a director at the Washington, D.C., advocacy group Free Press, it is increasingly becoming clear that if the FCC wants to protect net neutrality, it needs to reclassify broadband and mobile networks as “common carriers.” These are public utilities, such as the telephone network, that everyone needs and that can be regulated by the government.

A world without net neutrality

No ISP has said outright what it would do if net neutrality rules were struck down, but it’s clear from statements made in the past that some ISPs believe they should have the authority to control how users use the ISPs’ networks to access online content.

One scenario envisions that ISPs would offer customers “basic” plans to access common sites and applications, and then package access to other services, such as video streaming or VoIP telephone services such as Skype, as part of more expensive “premium” plans, similar to what currently happens with cable TV networks.

YouTube, ESPN.com and Netflix may become parts of premium Internet services, much in the way HBO and Showtime are considered premium cable channels, Paxton suggested.

In another scenario, ISPs could tell online businesses that they could pay extra for certain services the ISPs might want to offer them. The ISPs could speed up network connections so that end users load those businesses’ sites or services faster. Conversely, those online services who haven’t paid extra might experience poor network performance.

The end of net neutrality could also mean that ISPs imposed a bandwidth cap, requiring streaming services to pay more for additional data-transfer speed. Those extra costs would eventually be passed onto the consumer, Paxton said.

These speculative scenarios are not far-fetched. Paxton said that Verizon, AT&T, Comcast and other ISPs have been searching since 2005 for ways to change how they charge companies and users for Internet access.

There have even been instances in which AT&T tried to restrict Apple’s FaceTime video-chatting application on its AT&T Wireless cellular data networks, Paxton said, or in which Comcast cut back network speeds for peer-to-peer sites.

“People want to be able to just use the Internet,” Paxton said. “They don’t want to pay extra for devices or applications.”

ISPs have argued that net neutrality is ultimately unfair to end users, because big Web companies such as Yahoo, Netflix, and Google can grow and build up profits, while consumers are left footing the bill for the resulting necessary Internet infrastructure expansion.

Customers, the ISPs argue, should be allowed to pay for just the kind of Internet they want, and not for services and applications they never use.

Providers such as AT&T would like to allocate a certain portion of their networks to streaming video and VoIP, so customers who have purchased those services will get great performance. Taking away net neutrality rules would allow ISPs to roll out these kind of priority services, which would benefit users.

The flip side, of course, is that “regular” Web users could see a degradation in service as their portions of the networks become congested.

During oral arguments in the case, Levy said, Verizon claimed a First Amendment free-speech right to curate what kind of content is transmitted across its broadband networks.

“Verizon believes it should be able to edit the Internet, much like the way a publisher has control over a newspaper,” Levy said.

The White House keeps changing Obamacare. Is that legal?

Welcome to Health Reform Watch, Sarah Kliff’s regular look at how the Affordable Care Act is changing the American health-care system — and being changed by it. You can reach Sarah with questions, comments and suggestions here. Check back every Monday, Wednesday and Friday afternoon for the latest edition, and read previous columns here.

“This is one of the perennial questions in administrative law: How much power can you claim from statutory ambiguity?” says Nicholas Bagley, who teaches administrative law at the University of Michigan Law School. “The hard question for those of us trying to ascertain the bounds is how flexible are laws, and how much power do we believe Congress gives to the executive branch?”

The White House can’t simply decide not to set up a law; that much is clear in the constitution, which says the executive branch “shall take care that the laws be faithfully executed.”

At the same time, Congress has also given the executive branch some flexibility in determining what it means to “faithfully” execute a law. It’s hard, after all, for legislators to predict every thorny issue that will come up in the process of turning laws into regulations.

In 1946, legislators passed the Administrative Procedures Act, which governs the way that regulatory agencies carry out legislation. That law both gives agencies discretion in setting up laws, but holds them accountable for carrying out Congress’s intentions.

“Under the Administrative Procedure Act precedent, the courts can compel agencies that have been unreasonably delayed,” says Simon Lazarus, a senior counsel at the Constitutional Accountability Center. “Those tend to involve delays that have gone on for years.”

Courts have frequently grappled with issues of what counts as an “unreasonable” delay and, as many experts will tell you, they still haven’t set a bright line between executive discretion and disobedience.

Still, there is precedent that gives us some guidance into what is, and is not, appropriate.

In Chevron v. NRDC, a 1984 Supreme Court case, the justices granted regulatory authority when it comes to filling in any ambiguous gaps in a law. “The idea there was that the agency has the experts, and it also makes the executive branch electorally accountable,” Bagley says. “You’d want the President to be making the tough calls.”

Another case decided in the District of Columbia circuit court that same year provided additional guidance on what standards the courts should look to, in determining whether a delay was unreasonable. In that case, Telecommunications Research and Action Center v. FCC, the judges outlined a six-pronged test to understand delays that extended beyond statutory deadlines.

It stated that “delays that might be reasonable in the sphere of economic regulation are less tolerable when human health and welfare are at stake” and said the court should also take into account “where Congress has provided a timetable or other indication of the speed with which it expects the agency to proceed in enabling statute.”

So, where does that leave us with the Affordable Care Act? Michael McConnell, a former judge on the U.S. Court of Appeals for the Tenth Circuit, has made perhaps the highest-profile argumentthat the decision was illegal. His case is that the employer mandate delay does more than show flexibility – it dispenses with law altogether.

“Statute does provide broad discretion, but unless there’s some explicit statutory authorization they don’t have the right not to do it,” McConnell, who now directs the Constitutional Law Center at Stanford University’s School of Law, says. “That’s the difference. Suspending and dispensing with statutes are equally impermissible.”

McConnell says this isn’t an issue specific to the Obama administration, or the Affordable Care Act. President Richard Nixon asserted authority not to spend the money appropriated by Congress, which then led legislators to pass the Congressional Budget and Impoundment Control Act in 1974. The legislation, which prohibited such behavior, was later upheld in the courts.

In Congressional testimony, Treasury makes a counter argument: That the agency is by no means dispensing with the law — they still plan to implement it — but rather making an adjustment, well within executive discretion. The agency says this authority stems from its power to “prescribe all needful rules and regulations for the enforcement of this title.”

Moreover, this is something that the agency has done more than a dozen times before, without a peep from Congress.

“On a number of prior occasions across administrations, this authority has been used to postpone the application of new legislation when the immediate application would have subjected taxpayers to unreasonable administrative burdens or costs,” Mark Iwry, Deputy Assistant Secretary for Retirement and Health Policy at Treasury, told legislators.

Precedent does matter in courts, University of Michigan’s Bagley says. At the same time, he doesn’t see this as an especially strong legal foundation for defending the delay.

“There are challenges in the argument,” he says. “Affording transitional relief for a law that was enacted four years ago raised the question of, shouldn’t you have had your ducks in a row when you knew this was coming down the pike? There might be questions about whether a year is an appropriate delay, too.”

Its also possible, legal experts say, that it’s too soon to determine whether this delay counts as not implementing the Affordable Care Act – or if it’s a more mundane show of discretion. If the administration had, for example, announced that it never intended to require employers to provide health benefits, that would near certainly be seen as flouting the law. But if they delay it until 2016, or 2017? That’s a greyer area.

“It depends on whether there’s really clear progress towards the implementation of the statute,” says Rob Weiner, a former associate deputy attorney at the Department of Justice, whose work focused heavily on Affordable Care Act litigation. “If they were doing nothing, at some point, I think that a court would suggest it’s not an exercise of discretion and say enough is enough.”

KLIFF NOTES: Top health policy reads from around the Web.

Texas won’t enforce Obamacare’s insurance reforms. “Texas, Arizona, Alabama, Missouri, Oklahoma and Wyoming have all notified the federal government that they will not be policing the health law. John Greeley, a spokesman for the Texas Department of Insurance, said his agency cannot enforce regulations tied to the federal insurance exchange or market reforms because it is not authorized to do so. The practical effects of the state’s decision are not entirely clear yet. In the first show of autonomy, Texas was not required to comply with a federal request for information about its insurance plans. Most states defaulting to the federal health insurance exchange had to submit that information by July 31.” Becca Aaronson in the Texas Tribune.

George W. Bush’s heart stent has kicked off a debate over appropriate care. “The debate has centered on both the cost of stenting, which can run as high as $50,000 at some hospitals, and its side effects, which can include excess bleeding, blood clots and, rarely, death. Opponents say the overuse of procedures like stenting for unproven benefit has helped keep U.S. medical care on pace to surpass $3.1 trillion next year, according to the U.S. Centers for Medicare and Medicaid Services.” Michelle Fay Cortez in Bloomberg News.

Not all Congressional staffers will buy coverage on the new marketplaces. “The proposal leaves it to ‘the employing office of the member of Congress’ to determine whether an employee meets the statutory definition in the health care law (PL 111-148, PL 111-152) of who is required to go to the exchange for health insurance, the personnel agency said. The law says that aides who must use the exchanges include those who work for “the official office of a member of Congress.” Enrollment in the exchanges, or marketplaces, begins Oct. 1.” John Reichard in Congressional Quarterly.

Like all the NSA slides we’ve seen so far, this one is unlikely to win a Powerpoint beauty pageant anytime soon.

Not that this should distract anyone from the profoundly disturbing implications of this US government malware map that’s being reported by a Dutch news agency — an outlet to which the US government gave a “no comment.”

The American intelligence service — NSA — infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive information.

Documents provided by former NSA employee Edward Snowden and seen by this newspaper, prove this.

(…) The NSA declined to comment and referred to the US Government. A government spokesperson states that any disclosure of classified material is harmful to our national security.

An NSA Web page that outlines the agency’s Computer Network Operations program describes Computer Network Exploitation, or CNE, as a key part of the program’s mission and says CNE “includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks.”

In late August, The Washington Post reported on the NSA’s “hacking unit” called Tailored Access Operations (TAO).

The Post wrote:

According to a profile by Matthew M. Aid for Foreign Policy, it’s a highly secret but incredibly important NSA program that collects intelligence about foreign targets by hacking into their computers, stealing data, and monitoring communications.

(…) Dean Schyvincht, who claims to currently be a TAO Senior Computer Network Operator in Texas, might reveal the most about the scope of TAO activities.

He says the 14 personnel under his management have completed “over 54,000 Global Network Exploitation (GNE) operations in support of national intelligence agency requirements.”

This is one letter away from being exact.

On the NSA’s network ops page, there is no program with the acronym GNE — only CNE and,

Security researchers online are speculating that telecoms were the most likely targets for the malware.

They may not be too far off the mark.

NRC cites an example of Britain’s NSA counterpart, GCHQ, being found to use spoofed LinkedIn pages to install surveillance malware on target computers in Belgium telecom, Belgacom (translated):

One example of this type of hacking was discovered in September 2013 at the Belgium telecom provider Belgacom.

For a number of years the British intelligence service — GCHQ — has been installing this malicious software in the Belgacom network in order to tap their customer’s telephone and data traffic.

The Belgacom network was infiltrated by GCHQ through a process of luring employees to a false Linkedin page.

NRC concludes its article by telling us that the Dutch government’s intelligence service has its own hacking unit, but that it’s prohibited by law from engaging in the type of operations that the CNE slide suggests the NSA carried out.

Government Claims Americans Have No Right To Challenge NSA Phone Surveillance

Posted: 11/22/2013 4:48 pm EST | Updated: 11/22/2013 5:56 pm EST

NEW YORK — After years of secrecy, the National Security Agency’s phone records surveillance program had its day in open court on Friday, as civil liberties lawyers asked a federal judge in New York to shut it down, and government lawyers claimed ordinary Americans cannot legally challenge it.

U.S. District Court Judge William H. Pauley III did not immediately rule on issuing an injunction against the NSA program. But he did push the government on whether it respected Americans’ rights to privacy and freedom of association, and whether Congress was adequately informed about the program.

“Never before has the government attempted a program of dragnet surveillance on this scale,” warned Alexander Abdo, a staff attorney at the American Civil Liberties Union. The group brought its lawsuit against the program in June, just days after NSA leaker Edward Snowden revealed its existence. The ACLU is arguing that the government’s surveillance exceeds both its powers under the Patriot Act, and under the First and Fourth amendments.

Department of Justice attorney Stuart Delery said ordinary Americans have no standing to challenge the collection of their call records. Citing a 1979 Supreme Court ruling, he said Americans have no reasonable expectation of privacy for those records, and that only phone companies can challenge their collection.

No telecommunications firm has ever fought an order from the Foreign Intelligence Surveillance Court, which oversees the NSA program and is closed to the public.

Delery also argued that the program is “carefully calibrated to the purpose for which it is being used” — to map the call networks of those the government suspects are connected to terrorist groups.

Pauley questioned Delery, however, on whether all members of Congress were aware that the Patriot Act was used to support such a far-reaching program. Rep. James Sensenbrenner (R-Wisc.), the original author of the act, claimed in a brief to the courtthat he never envisioned the law as a way to sweep up every phone record. It appears many members of the House of Representatives, meanwhile, were uninformed about the Foreign Intelligence Surveillance Court’s interpretation of the law when they voted on its reauthorization in 2011.

Delery replied that the House and Senate Intelligence committees, which were briefed on the program, “stand in the shoes” of Congress as a whole.

The judge questioned the ACLU about whether it could show that it had actually been harmed by the NSA program.

The ACLU’s lawsuit is one of the most prominent of the legal efforts to stop the call records program, along with a suit by conservative lawyer Larry Klayman in Washington District Court and a request by the Electronic Privacy Information Center to have the Supreme Court consider the program on an emergency basis. The center’s request was turned down Monday.

The government’s position in those cases has been that only the Foreign Intelligence Surveillance Court, which repeatedly reauthorized the call records program, has the jurisdiction to consider its legality.

In the waning weeks of its current session, Congress is also considering various proposals for the call records program that either shut it down or enshrine it in law.